GNU bug report logs -
#28811
11.90.2.2017-07-25; preview-at-point fails with Ghostscript-error
Previous Next
Full log
View this message in rfc822 format
David Kastrup <dak <at> gnu.org> writes:
> Ken Sharp <ken.sharp <at> artifex.com> writes:
>>
>> And the unsafe context you are storing is what exactly ?
>
> The object you get when executing "safe" before executing .setsafe.
s/"safe"/"save"/ of course.
> Calling restore on it reverts to non-safe mode, so we don't want it
> accessible to the potentially unsafe code executed in -dSAFER mode.
>
> I mean, that's the textbook and documented way of using .runandhide .
> It's not like we invented it.
>
>> Usually these result in crashes but we've also seen denial of service,
>> directory and file traversal/retrieval and some cases where it was
>> possible to execute arbitrary code. Note that these have been true in
>> some instances even when -dSAFER is set.
>
> Calling "safe"
"save" again. Sorry.
> in unsafe mode will deliver an object useful for returning from
> -dSAFER _if_ code has access to that object. .runandhide was the
> documented way of hiding the object away from potentially unsafe code.
>> Given the rather acrimonious past history of our discussions, I think
>> it may be better if I hand this to a colleague. I'll speak to someone
>> tomorrow and see if they are willing to take it on.
I am not sure that having to start over explaining will lead to an
improvement of my ability to communicate.
Being better able to tell computers what I am talking about than humans
is not exactly rewarding for me either, but when I am the main person
responsible for affected code, there is not much of a way for me to pass
the bucket.
--
David Kastrup
This bug report was last modified 7 years and 185 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.